AVG-2505 log

Package vivaldi
Status Fixed
Severity High
Type multiple issues
Affected 4.3.2439.56-1
Fixed 4.3.2439.63-1
Current 5.2.2623.48-1 [community]
Ticket None
Created Fri Oct 29 16:55:13 2021
Issue Severity Remote Type Description
CVE-2021-38002 High Yes Arbitrary code execution
A use after free security issue has been found in the Web Transport component of the Chromium browser engine before version 95.0.4638.69.
CVE-2021-37999 High Yes Insufficient validation
An insufficient data validation security issue has been found in the New Tab Page component of the Chromium browser engine before version 95.0.4638.69.
CVE-2021-37997 High Yes Arbitrary code execution
A use after free security issue has been found in the Sign-In component of the Chromium browser engine before version 95.0.4638.69.
References
https://vivaldi.com/blog/desktop/update-two-4-3/
https://vivaldi.com/blog/desktop/update-three-4-3/
https://chromium.googlesource.com/chromium/src/+log/94.0.4606.104..94.0.4606.114?pretty=fuller&n=10000
Notes
Vivaldi version 4.3.2439.56 is based on Chromium version 94.0.4606.104, Vivaldi version 4.3.2439.63 is based on Chromium version 94.0.4606.114 according to the references.